On Sat, Sep 27, 2003 at 04:39:52PM +1000, Paul Gear wrote:
> As the subject says, i think 'useNoSSLForPackages' is rather badly
> conceived. Whenever i see an option that has the word "No" or "Don't"
> in it, alarm bells ring in my head.
>
> This is a recipe for confusion. Can we get future versions of the
> option renamed to "useSSLForPackages"?

Is this really enough of a reason to break compatibility with old config
files?

> (I would make it off by default,
> too, since many packages are rather large and some of us still pay a lot
> for bandwidth.)

I would expect the effect of SSL on bandwidth use to be minimal. If you
really want to reduce bandwidth, I think there would be more gains if
some RPM packages were compressed using bzip2 rather than gzip.

Besides, SSL provides real security. For instance, the fact that SSL is
enabled by default was a good defense against this hole:

https://rhn.redhat.com/errata/RHSA-2003-255.html

-Barry K. Nathan <barryn@xxxxxxxxx>